CN114221785B - Non-inductive boundary data exchange method - Google Patents
Non-inductive boundary data exchange method Download PDFInfo
- Publication number
- CN114221785B CN114221785B CN202111362134.4A CN202111362134A CN114221785B CN 114221785 B CN114221785 B CN 114221785B CN 202111362134 A CN202111362134 A CN 202111362134A CN 114221785 B CN114221785 B CN 114221785B
- Authority
- CN
- China
- Prior art keywords
- component
- service
- boundary
- cnetport
- bnetport
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 28
- 230000000977 initiatory effect Effects 0.000 claims abstract description 33
- 230000005540 biological transmission Effects 0.000 claims abstract description 13
- 230000001939 inductive effect Effects 0.000 claims abstract description 13
- 230000006835 compression Effects 0.000 claims description 21
- 238000007906 compression Methods 0.000 claims description 21
- 238000012545 processing Methods 0.000 claims description 7
- 238000005538 encapsulation Methods 0.000 claims description 6
- 238000012827 research and development Methods 0.000 abstract description 7
- 230000002457 bidirectional effect Effects 0.000 abstract description 2
- 239000003999 initiator Substances 0.000 description 3
- 230000006978 adaptation Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000004806 packaging method and process Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application discloses a non-inductive boundary data exchange method, which relates to the technical field of safety boundary exchange and comprises the following steps: the calibration noninductive boundary data exchange component is respectively deployed at two ends of the boundary and comprises a CNetPort component and a BetPort component, an initiating terminal obtains service by accessing the BetPort component, the BetPort component accesses the CNetPort component through the boundary, the CNetPort component accesses the service provided by the service terminal, a CNetPort return service result returns to the BetPort component through the boundary, and the BetPort component returns information to the initiating terminal. According to the application, the noninductive boundary switching assembly is constructed through the capabilities of request packetization/packetization, file type identification, automatic ferrying, internal route distribution and the like, so that the boundary limitation is transparent to developers, the efficient research and development and rapid deployment of software developers are assisted, the problems of bidirectional fixation of a boundary switching platform to a server IP of a service developer, the limitation of transmission content Json and the limitation of transmission length are solved, and the research and development speed of the developer is greatly improved.
Description
Technical Field
The application relates to the technical field of safety boundary exchange, in particular to a non-inductive boundary data exchange method.
Background
The secure border switching platform is generally used as a border between a low-security network and a high-security network, data services are generally stored in the high-security network, and service consumption applications are generally deployed in the low-security network, and generally configured as follows: registering the IP and Mac addresses of the computer devices at both ends of the boundary. And registering the API interfaces and parameters of the services at the two ends of the boundary to configure the http ferry service. In the process of calling the API interface, only json character strings are allowed to be transmitted, and the boundary platform examines the parameter content of the call. During API interface calls, the call packet size is severely limited (typically 50K), so large files must be ferred through the ftp ferry service.
However, in the dual-network interaction platform with strict service interfaces, access to the internet is strictly limited, and data packet size is strictly limited and data flow is not supported, so that a scene of connecting an intranet and an extranet cannot be realized basically, which is as follows:
1. the servers are fixed in two directions, the servers at the two ends of the boundary are two registered computer devices, and the replacement server needs to be applied for a boundary manager again.
2. The transmission content is limited, and the transmission of binary files is limited because the transmission content can only transmit json character strings.
3. The transmission length is limited, and large files cannot be transmitted through the interface because the transmission content defines the packet size (typically 50K).
Because of the problems, the existence of the boundary needs to be noticed at any time in the process of software development, so that a lot of trouble is caused to the software development, the problem of boundary rule needs to be noticed every time the call is made, and a lot of debugging time is consumed.
For the problems in the related art, no effective solution has been proposed at present.
Disclosure of Invention
Aiming at the problems in the related art, the application provides a non-inductive boundary data exchange method, which constructs a non-inductive boundary exchange component through the capabilities of request subpackaging/group packaging, file type identification automatic ferrying, internal route distribution and the like, so that boundary limitation is transparent to developers, and the application assists software developers in efficient research and development and rapid deployment so as to overcome the technical problems existing in the prior related art.
The technical scheme of the application is realized as follows:
a method of non-inductive boundary data exchange, comprising the steps of:
step S1, calibrating noninductive boundary data exchange components which are respectively deployed at two ends of a boundary and comprise a CNetPort component and a BnetPort component;
step S2, the initiating terminal obtains service by accessing the BNEtPort component;
step S3, the BNEtPort component accesses the CNetPort component through the boundary;
step S4, the CNetPort component accesses the service provided by the service end, and the CNetPort return service result is returned to the BetPort component through the boundary;
and S5, the BNEtPort component returns information to the initiating terminal.
The initiating terminal obtains service by accessing the BNEtPort component, and the method comprises the following steps:
step S201, an initiating terminal initiates a request, and a BNEtPort component analyzes the request and encapsulates a compression request, wherein the compression request comprises automatic compression request information by a compression algorithm;
step S202, judging the type of the request information, wherein the type comprises a file type and a character type, and the method comprises the following steps:
step S20201, if the current request information is the file type, determines whether the current request information is greater than 50K, including:
if the current file type is calibrated to be larger than 50K, automatically initiating ftp ferrying service and generating file toekn notification through a BNEtPort component and initiating http ferrying service;
if the current file type is calibrated to be smaller than 50K, converting the file into a Base64 code through a BNEtPort component, and automatically initiating an http ferrying service;
the CNetPort component receives the ftp ferrying service and the http ferrying service, analyzes the request, processes and encapsulates the reply consumer terminal;
step S20202, if the current request information is of the character type, determines whether it is greater than 50K, including:
the type of the calibration character is larger than 50K, and the BNEtPort component is used for carrying out segmented transmission and automatically initiating http ferrying service;
calibrating the character type to be less than 50K, and automatically initiating an http ferry service;
and the CNetPort component receives the http ferry service and processes the package reply consumer after analyzing the request.
Wherein, still include the following step:
step S501, a CNetPort component deploys an intranet server and receives a BNEtPort component encapsulation compression request to analyze the request;
step S502, the CNetPort component analyzes the request and distributes the request, wherein the CNetPort component forwards the acquired request of the network boundary of the consumer to any computer in the network for processing;
step S503, obtaining a processing result and performing CNetPort component encapsulation compression reply result.
The CNetPort component encapsulates the compression reply result, including the following steps:
step S50301, the CNetPort component automatically initiates an http reply ferrying service and returns the BnetPort component;
in step S50302, the BNetPort component receives and automatically initiates an http reply ferrying service and returns a reply result back to the initiator.
The application has the beneficial effects that:
the application respectively deploys at the two ends of the boundary through calibrating the noninductive boundary data exchange components, the initiating terminal obtains services by accessing the BNEtPort component, the BNEtPort component accesses the CNet Port component through the boundary, the CNet Port component accesses the services provided by the service terminal, the CNet Port returns the service result to the BNEtPort component through the boundary, the BNEtPort component returns information to the initiating terminal, the noninductive boundary exchange components are constructed through the capabilities of request packetization/packet grouping, file type identification automatic ferrying, internal route distribution and the like, the boundary limitation is transparent to developers, the efficient research and development of the software developers are assisted, the problem that the boundary exchange platform limits Json and transmission length limitation to the server IP of the service developer is solved, and for the software developers, the existence of the boundary development software can be ignored through the boundary data service component, and the research and development speed of the developers is greatly improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flow chart of a method for exchanging non-inductive boundary data according to an embodiment of the application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. All other embodiments, which are derived by a person skilled in the art based on the embodiments of the application, fall within the scope of protection of the application.
According to an embodiment of the application, a non-inductive boundary data exchange method is provided.
As shown in fig. 1, the method for exchanging non-inductive boundary data according to an embodiment of the present application includes the following steps:
the architecture is divided into three parts of (mobile private network) mobile phone application, (mobile private network) mobile private network server group and (security intranet) intranet server group in advance, the wireless mobile private network and the mobile private network server group are interconnected and intercommunicated without boundaries, and a boundary exchange platform exists between the security intranet and the mobile private network.
Step S1, calibrating noninductive boundary data exchange components which are respectively deployed at two ends of a boundary and comprise a CNetPort component (a service end component) and a BNEtPort component (a consumption end component);
according to the technical scheme, the CNetPort component and the BetPort component are deployed, so that the server side and the consumer side cannot feel the existence of the boundary, and the software deployment and development are facilitated.
As shown in fig. 1, the method comprises the following steps:
step S2, the initiating terminal obtains service by accessing the BNEtPort component;
step S3, the BNEtPort component accesses the CNetPort component through the boundary;
step S4, the CNetPort component accesses the service provided by the service end, and the CNetPort return service result is returned to the BetPort component through the boundary;
and S5, the BNEtPort component returns information to the initiating terminal.
Specifically, as shown in fig. 1, the initiator obtains a service by accessing the BNetPort component, which includes the following steps:
deploying a non-inductive boundary data exchange component;
step S201, an initiating terminal initiates a request, and a BNEtPort component analyzes the request and encapsulates a compression request, wherein the compression request comprises automatic compression request information by a compression algorithm;
step S202, judging the type of the request information, wherein the type comprises a file type and a character type, and the method comprises the following steps:
in addition, step S20201, if the current request information is the file type, determines whether it is greater than 50K, including:
if the current file type is calibrated to be larger than 50K, automatically initiating ftp ferrying service and generating file toekn notification through a BNEtPort component and initiating http ferrying service;
if the current file type is calibrated to be smaller than 50K, converting the file into a Base64 code through a BNEtPort component, and automatically initiating an http ferrying service;
the CNetPort component receives the ftp ferrying service and the http ferrying service, analyzes the request, processes and encapsulates the reply consumer terminal;
in addition, step S20202, if the current request information is of the character type, determines whether it is greater than 50K, including:
the type of the calibration character is larger than 50K, and the BNEtPort component is used for carrying out segmented transmission and automatically initiating http ferrying service;
calibrating the character type to be less than 50K, and automatically initiating an http ferry service;
the CNetPort component receives the http ferry service and processes the package reply consumption end after analyzing the request;
further, as shown in fig. 1, the method further comprises the steps of:
step S501, a CNetPort component deploys an intranet server and receives a BNEtPort component encapsulation compression request to analyze the request;
step S502, the CNetPort component analyzes the request and distributes the request, wherein the CNetPort component forwards the acquired request of the network boundary of the consumer to any computer in the network for processing;
step S503, obtaining a processing result and performing CNetPort component encapsulation compression reply result;
specifically, the method comprises the following steps:
and creating an internal route through the non-inductive boundary data exchange component, and forwarding the network boundary request of the consumer to any computer in the network for processing so as to return through the non-inductive boundary data exchange component.
In the technical scheme, the non-inductive boundary data exchange component creates an internal route, and solves the problem of route limitation.
Furthermore, it is specifically stated that the CNetPort component encapsulates the compression reply result, comprising the steps of:
step S50301, the CNetPort component automatically initiates an http reply ferrying service and returns the BnetPort component;
in step S50302, the BNetPort component receives and automatically initiates an http reply ferrying service and returns a reply result back to the initiator.
In summary, by means of the above technical solution of the present application, by calibrating the noninductive boundary data exchange components, the noninductive boundary data exchange components are respectively deployed at two ends of the boundary, the initiating terminal obtains services by accessing the BNetPort component, the BNetPort component accesses the CNetPort component through the boundary, the CNetPort component accesses the services provided by the service terminal, the CNetPort returns the service result to the BNetPort component through the boundary, the BNetPort component returns information to the initiating terminal, and the capabilities of automatic ferrying, internal routing distribution, etc. through request packet/group packet and file type identification are realized, so as to construct the noninductive boundary exchange components, make the boundary limitation transparent to developers, assist the efficient research and development of software developers, and fast deployment, solve the problems of bidirectional fixation of the boundary exchange platform to the server IP of the service developer, limitation of the transmission content Json, and limitation of the transmission length, and for the software developers, through the boundary data service component, the existence of the boundary can be ignored, and the research and development speed of the developers is greatly improved.
The foregoing is merely a preferred embodiment of the present application and is not intended to limit the present application, and other embodiments of the present disclosure will be readily apparent to those skilled in the art after considering the disclosure herein in the specification and examples. This application is intended to cover any adaptations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It is to be understood that the present disclosure is not limited to the precise arrangements and instrumentalities shown in the drawings, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.
Claims (3)
1. A method for exchanging non-inductive boundary data, comprising the steps of:
the calibration noninductive boundary data exchange components are respectively deployed at two ends of the boundary and comprise a CNetPort component and a BnetPort component;
the initiating terminal obtains service by accessing the BNEtPort component;
the BNEtPort component accesses the CNetPort component through the boundary;
the CNetPort component accesses the service provided by the service end, and a CNetPort return service result is returned to the BnetPort component through the boundary;
the BNEtPort component returns information to the initiating terminal; wherein,
the initiating terminal obtains service by accessing the BNEtPort component, which comprises the following steps:
the method comprises the steps that an initiating terminal initiates a request, a BNEtPort component analyzes the request and encapsulates a compression request, wherein the compression request comprises automatic compression request information by a compression algorithm;
determining the type of the request information, wherein the type comprises a file type and a character type, and the method comprises the following steps of:
if the current request information is the file type, judging whether the current request information is more than 50K, including:
if the current file type is calibrated to be larger than 50K, automatically initiating ftp ferrying service and generating file toekn notification through a BNEtPort component and initiating http ferrying service;
if the current file type is calibrated to be smaller than 50K, converting the file into a Base64 code through a BNEtPort component, and automatically initiating an http ferrying service;
the CNetPort component receives the ftp ferrying service and the http ferrying service, analyzes the request, processes and encapsulates the reply consumer terminal;
if the current request information is of a character type, judging whether the current request information is larger than 50K or not, including:
the type of the calibration character is larger than 50K, and the BNEtPort component is used for carrying out segmented transmission and automatically initiating http ferrying service;
calibrating the character type to be less than 50K, and automatically initiating an http ferry service;
and the CNetPort component receives the http ferry service and processes the package reply consumer after analyzing the request.
2. The sensorless boundary data exchange method of claim 1 further comprising the steps of:
the CNetPort component deploys an intranet server and receives the BnetPort component encapsulation compression request to analyze the request;
the CNetPort component analyzes the request and distributes the request, wherein the CNetPort component forwards the acquired request of the network boundary of the consumer terminal to any computer in the network for processing;
and obtaining a processing result and carrying out CNetPort component encapsulation compression reply result.
3. The method of exchanging sensorless boundary data of claim 2, wherein the CNetPort component encapsulates compression reply results, comprising the steps of:
the CNetPort component automatically initiates an http reply ferrying service and returns the BNEtPort component;
the BNEtPort component receives and automatically initiates the http reply ferrying service and restores the reply result to return to the initiating terminal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111362134.4A CN114221785B (en) | 2021-11-17 | 2021-11-17 | Non-inductive boundary data exchange method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111362134.4A CN114221785B (en) | 2021-11-17 | 2021-11-17 | Non-inductive boundary data exchange method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114221785A CN114221785A (en) | 2022-03-22 |
| CN114221785B true CN114221785B (en) | 2023-11-24 |
Family
ID=80697384
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111362134.4A Active CN114221785B (en) | 2021-11-17 | 2021-11-17 | Non-inductive boundary data exchange method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114221785B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103778058A (en) * | 2013-12-11 | 2014-05-07 | 国家无线电监测中心检测中心 | TETRA digital trunked air interface test method and system based on TTCN-3 |
| CN104580192A (en) * | 2014-12-31 | 2015-04-29 | 网宿科技股份有限公司 | Processing method and device for network access requests of application program |
| CN106357776A (en) * | 2016-09-23 | 2017-01-25 | 北京奇虎科技有限公司 | Method and device for selecting transmission resource of streaming data |
| CN106657014A (en) * | 2016-11-16 | 2017-05-10 | 东软集团股份有限公司 | Data accessing method, device and system |
| CN109889558A (en) * | 2017-12-06 | 2019-06-14 | 广州华旻信息科技有限公司 | Data transmission method, middleware and the system of internet of things oriented application |
| CN110278181A (en) * | 2019-01-29 | 2019-09-24 | 广州金越软件技术有限公司 | A kind of instant protocol conversion technology about inter-network data exchange |
-
2021
- 2021-11-17 CN CN202111362134.4A patent/CN114221785B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103778058A (en) * | 2013-12-11 | 2014-05-07 | 国家无线电监测中心检测中心 | TETRA digital trunked air interface test method and system based on TTCN-3 |
| CN104580192A (en) * | 2014-12-31 | 2015-04-29 | 网宿科技股份有限公司 | Processing method and device for network access requests of application program |
| CN106357776A (en) * | 2016-09-23 | 2017-01-25 | 北京奇虎科技有限公司 | Method and device for selecting transmission resource of streaming data |
| CN106657014A (en) * | 2016-11-16 | 2017-05-10 | 东软集团股份有限公司 | Data accessing method, device and system |
| CN109889558A (en) * | 2017-12-06 | 2019-06-14 | 广州华旻信息科技有限公司 | Data transmission method, middleware and the system of internet of things oriented application |
| CN110278181A (en) * | 2019-01-29 | 2019-09-24 | 广州金越软件技术有限公司 | A kind of instant protocol conversion technology about inter-network data exchange |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114221785A (en) | 2022-03-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Baumer et al. | Grasshopper—A universal agent platform based on OMG MASIF and FIPA standards | |
| US9401962B2 (en) | Traffic steering system | |
| US20100255819A1 (en) | Method of managing information by a large capacity uicc | |
| CN111866124B (en) | Method, device, server and machine-readable storage medium for accessing webpage | |
| RU2660635C2 (en) | Method and apparatus for controlling service chain of service flow | |
| CN110417766A (en) | A kind of method and apparatus of protocol analysis | |
| CN110554927A (en) | Micro-service calling method based on block chain | |
| CN111818158B (en) | Gateway control method, device, electronic equipment and storage medium | |
| CN113259479B (en) | Data processing method and equipment | |
| CN112312391B (en) | Authentication method, system and related equipment | |
| CN109660504A (en) | System and method for controlling the access to enterprise network | |
| CN113132308B (en) | Network security protection method and protection equipment | |
| CN112104640A (en) | Data processing method, device and equipment of gateway and readable storage medium | |
| Kherani et al. | Development of mec system for indigenous 5g test-bed | |
| CN114221785B (en) | Non-inductive boundary data exchange method | |
| CN109286688A (en) | A kind of data download method and device | |
| CN113423120A (en) | Data distribution processing method and device based on private network terminal and electronic equipment | |
| CN111371775A (en) | Single sign-on method, device, equipment, system and storage medium | |
| US20230097005A1 (en) | Container network interface for applying security policies to network traffic of containers | |
| US20230101920A1 (en) | Proxy ssh public key authentication in cloud environment | |
| CN115834684A (en) | Data processing method, cloud desktop system, equipment and storage medium | |
| US20230006967A1 (en) | Machine learning capable mac filtering for enforcing edge security over mac randomization in wlan networks | |
| US20220182395A1 (en) | Early malware detection in on-the-fly security sandboxes using recursive neural networks (rnns)to capture relationships in behavior sequences on data communication networks | |
| CN108183885A (en) | A kind of data leakage prevention method and system based on ICAP agreements | |
| CN109756454B (en) | Data interaction method, device and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |